From e04279294469c0d9c8a4f4665d841495f2c83678 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Wed, 26 Jun 2019 21:19:07 +0200 Subject: [PATCH] also check for master public key consistency in taler-exchange-keyup --- src/exchange-tools/taler-exchange-keyup.c | 46 ++++++++++++++++++++++- 1 file changed, 44 insertions(+), 2 deletions(-) diff --git a/src/exchange-tools/taler-exchange-keyup.c b/src/exchange-tools/taler-exchange-keyup.c index 28e2ea1d0..4c8682e54 100644 --- a/src/exchange-tools/taler-exchange-keyup.c +++ b/src/exchange-tools/taler-exchange-keyup.c @@ -1160,8 +1160,8 @@ revoke_denomination (const struct GNUNET_HashCode *hc) } if (GNUNET_OK != TALER_EXCHANGEDB_denomination_key_revoke (basedir, - hc, - &master_priv)) + hc, + &master_priv)) { GNUNET_free (basedir); GNUNET_break (0); @@ -1265,6 +1265,48 @@ run (void *cls, GNUNET_CRYPTO_eddsa_key_get_public (&master_priv.eddsa_priv, &master_public_key.eddsa_pub); + /* Check master public key in configuration matches our + master private key */ + { + char *masters; + struct TALER_MasterPublicKeyP mpub_cfg; + + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_string (cfg, + "exchange", + "MASTER_PUBLIC_KEY", + &masters)) + { + fprintf (stderr, + "Master public key option missing in configuration\n"); + global_ret = 1; + return; + } + if (GNUNET_OK != + GNUNET_STRINGS_string_to_data (masters, + strlen (masters), + &mpub_cfg, + sizeof (mpub_cfg))) + { + fprintf (stderr, + "Master public key `%s' in configuration is not a valid key\n", + masters); + GNUNET_free (masters); + global_ret = 1; + return; + } + if (0 != GNUNET_memcmp (&master_public_key, + &mpub_cfg)) + { + fprintf (stderr, + "Master public key `%s' in configuration does not match our master private key!\n", + masters); + GNUNET_free (masters); + global_ret = 1; + return; + } + GNUNET_free (masters); + } if (NULL != auditorrequestfile) { auditor_output_file = FOPEN (auditorrequestfile,